MS09-045 Deployed in Sept, now all workstations show relevant again

(imported topic written by ktm_200091)

My September baseline shows that the patch has been modified with the ever present “source fixlet differs” message and all of my PCs are now showing relevant for the patch.

Records show that the september baseline was applied in september and no major issues were encountered. I assume that the patch was installed at that time.

What changed??

(imported comment written by BenKus)

Hey KTM,

We announce whenever we make changes to Fixlets… see:

http://support.bigfix.com/cgi-bin/kbdirect.pl?id=517

You can also search our mailing list using our search mechanism at http://seach.bigfix.com

The announcement you are looking for is here where the relevance was adjusted to remove a false-negative:

http://bigmail.bigfix.com/pipermail/besadmin-announcements/2009-October/000561.html

Ben

(imported comment written by liuhoting91)

The following two fixlets changed on 10/8 from the MS09-045 series… The rest of the MS09-045 has been untouched since their publication on the September 09 Patch Tuesday.

904505 MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution - JScript 5.7 - Windows XP SP2/SP3

904506 MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution - JScript 5.7 - Windows XP SP2/SP3 - CORRUPT PATCH

Is that the MS09-045 fixlet that’s showing up as relevant on all of your machines now?

The fixlet was changed to allow for the install of the JScript 5.7 patch on XP SP3 systems with Internet Explorer 6, since Microsoft doesn’t actually put an IE restriction if the system is at XP SP3 (curiously though, they put the restriction almost everywhere else).

If you’ve already successfully applied this patch, things shouldn’t change. The regkey should still be set, and the files should all be updated to the correct version, so overall the relevance should evaluate to false. The changes on those two particular fixlets shouldn’t cause them all to show up as relevant.

You might be talking about something else though. Are you having issues with this particular series of fixlets?

(imported comment written by ktm_200091)

After looking at this some more, I deployed a patch last month but the relevance was wrong and none of the PCs which should have applied the patch applied the patch.

Now that the relevance has been corrected, the PCs now report that the patch is reqiured.

Fun… Fun … Fun…

Now after deploying October’s patches, I now see 974556: Security Update for Microsoft Office XP not deployed. The notes state that it was released on 10/13/09, It was probably released by microsoft on that date, but not by Big Fix.

DO YOU HAVE SLO’s ASSOCIATED WITH PROVIDING CORRECT PATCH CONTENT???

(imported comment written by BenKus)

Hi KTM,

Regarding 974556, these are hotfixes that we added… See here: http://forum.bigfix.com/viewtopic.php?id=4048

You are correct that the date in the console is the “Source Release Date” by design… There have been more requests that we add a “BigFix Release Date” or better-yet a “Fixlet history” for each Fixlet that lists publishing dates and all changes and we are looking into these requests to try to fit it into an upcoming version.

Ben